Vulnerabilities > Filemanagerpro > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-16 | CVE-2024-8918 | Unrestricted Upload of File with Dangerous Type vulnerability in Filemanagerpro File Manager The File Manager Pro plugin for WordPress is vulnerable to Limited JavaScript File Upload in all versions up to, and including, 8.3.9. | 5.4 |
| 2019-04-15 | CVE-2018-16967 | Cross-site Scripting vulnerability in Filemanagerpro File Manager 3.0 There is an XSS vulnerability in the mndpsingh287 File Manager plugin 3.0 for WordPress via the page=wp_file_manager_root public_path parameter. | 6.1 |
| 2018-09-07 | CVE-2018-16363 | Cross-site Scripting vulnerability in Filemanagerpro File Manager 2.9 The mndpsingh287 File Manager plugin V2.9 for WordPress has XSS via the lang parameter in a wp-admin/admin.php?page=wp_file_manager request because set_transient is used in file_folder_manager.php and there is an echo of lang in lib\wpfilemanager.php. | 5.4 |